NimbostratusHi i'm using clien ssl with wildcart certification and 20 url's pointed same ip, i'm using irules to divert the traffic based on uri,
now i want to use server ssl with same virtual server for only 3 url's out of 20 url's, can someone let me know the possible options for the request.
CirrostratusHi,
As server side SSL are not in the same event that client side ones, you have to define a flag to set or not server side ssl utilisation.
Here is an example :
when HTTP_REQUEST {
switch [string tolower [HTTP::uri]] {
"/nossl" {
pool abc_pool_https
}
"/serverside" {
set doSSL 1
pool xyz_pool
}
}
}
when SERVER_CONNECTED {
if { $doSSL == 1 }{
SSL::enable serverside
SSL::profile your_SSL_Wilcard_Serverside
}
}
NimbostratusNimbostratus
NimbostratusHi,
As server side SSL are not in the same event that client side ones, you have to define a flag to set or not server side ssl utilisation.
Here is an example :
when HTTP_REQUEST {
switch [string tolower [HTTP::uri]] {
"/nossl" {
pool abc_pool_https
}
"/serverside" {
set doSSL 1
pool xyz_pool
}
}
}
when SERVER_CONNECTED {
if { $doSSL == 1 }{
SSL::enable serverside
SSL::profile your_SSL_Wilcard_Serverside
}
}
You can define multiple iRules or you can use only one.
It depends on what is your criteria.
Are URI the same on every URL ?
NimbostratusNimbostratusYou can define multiple iRules or you can use only one.
It depends on what is your criteria.
Are URI the same on every URL ?
NimbostratusNimbostratusIf you want to apply server ssl for some of your URL, you need to use switch condition.
Your iRule will look like that :
when HTTP_REQUEST {
switch [string tolower [HTTP::host]] {
"host.ssl.wanted" {
switch [string tolower [HTTP::uri]] {
"/nossl" {
pool nossl
}
"/serverside" {
set doSSL 1
pool pool_ssl_wanted
}
}
}
"host.ssl.unwanted" {
pool pool_serverside_nonssl
}
}
}
when SERVER_CONNECTED {
if { $doSSL == 1 }{
SSL::enable serverside
SSL::profile your_SSL_Wilcard_Serverside
}
}
Serverssl is included with LTM licence.
So you don't need to buy anything else.